Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-28442
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function.
Js-data Js-data
7.5
CVSSv2
CVE-2021-23574
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-1023655).
Js-data Js-data
4
CVSSv2
CVE-2016-1895
NetApp Data ONTAP prior to 8.2.5 and 8.3.x prior to 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.
Netapp Data Ontap 8.3.2p12
Netapp Data Ontap 9.0
Netapp Data Ontap
5
CVSSv2
CVE-2021-39023
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213860.
Ibm Guardium Data Encryption 1.10.1
Ibm Guardium Data Encryption 2.6.4.21
Ibm Guardium Data Encryption 2.6
Ibm Guardium Data Encryption 4.0.0
Ibm Guardium Data Encryption 5.0.0
4.9
CVSSv2
CVE-2013-2794
Triangle MicroWorks SCADA Data Gateway 2.50.0309 up to and including 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 up to and including 3.15.0.369, and DNP3 C libraries 3.06.0000 up to and including 3.15.0000 allow physically proximate malicious users to cause a denial of se...
Trianglemicroworks Ansi C Source Code Libraries 3.09.0000
Trianglemicroworks Ansi C Source Code Libraries 3.07.0000
Trianglemicroworks Ansi C Source Code Libraries 3.14.0000
Trianglemicroworks Ansi C Source Code Libraries 3.13.0000
Trianglemicroworks Ansi C Source Code Libraries 3.12.0000
Trianglemicroworks Ansi C Source Code Libraries 3.11.0000
Trianglemicroworks Ansi C Source Code Libraries 3.10.0000
Trianglemicroworks Ansi C Source Code Libraries 3.15.0000
Trianglemicroworks Ansi C Source Code Libraries 3.08.0000
Trianglemicroworks Ansi C Source Code Libraries 3.06.0000
Trianglemicroworks .net Communication Protocol Components 3.06.0.171
Trianglemicroworks .net Communication Protocol Components 3.15.0.369
Trianglemicroworks .net Communication Protocol Components 3.15.00
Trianglemicroworks .net Communication Protocol Components 3.11.00
Trianglemicroworks .net Communication Protocol Components 3.09.00
Trianglemicroworks .net Communication Protocol Components 3.08.00
Trianglemicroworks .net Communication Protocol Components 3.07.00
Trianglemicroworks .net Communication Protocol Components 3.14.00
Trianglemicroworks .net Communication Protocol Components 3.10.00
Trianglemicroworks Scada Data Gateway 2.54.0598
Trianglemicroworks Scada Data Gateway 2.54.0597
Trianglemicroworks Scada Data Gateway 2.54.0596
5
CVSSv2
CVE-2004-0950
NetOp Host prior to 7.65 build 2004278 allows remote malicious users to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a "custom" HELO request.
Danware Data Netop 6.0
Danware Data Netop 6.50
Danware Data Netop 7.0.1 Build2002-01-29
Danware Data Netop 7.50 Build2003-08-04
Danware Data Netop 7.60 Build2003-06-24
2.1
CVSSv2
CVE-2018-5497
Clustered Data ONTAP versions before 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
Netapp Clustered Data Ontap
Netapp Clustered Data Ontap 9.1
Netapp Clustered Data Ontap 9.3
Netapp Clustered Data Ontap 9.4
4
CVSSv2
CVE-2016-3064
NetApp Clustered Data ONTAP prior to 8.2.4P4 and 8.3.x prior to 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors.
Netapp Clustered Data Ontap 8.3
Netapp Clustered Data Ontap 8.3.1
Netapp Clustered Data Ontap 8.3.2
Netapp Clustered Data Ontap
4.3
CVSSv2
CVE-2014-3432
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x prior to 4.5 allows remote malicious users to inject arbitrary web script or HTML via an unspecified form field.
Symantec Data Insight 3.0
Symantec Data Insight 4.0
Symantec Data Insight 3.0.1
4.3
CVSSv2
CVE-2014-3433
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x prior to 4.5 allows remote malicious users to inject arbitrary web script or HTML via an unspecified form field, related to an "HTML script injection" issue.
Symantec Data Insight 4.0
Symantec Data Insight 3.0.1
Symantec Data Insight 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »